public void OnAuthenticationChallenge(AuthenticationChallengeContext filterContext) { string challenge; if (String.IsNullOrEmpty(Realm)) { challenge = "Basic"; } else { // A correct implementation should verify that Realm does not contain a quote character unless properly // escaped (precededed by a backslash that is not itself escaped). challenge = "Basic realm=\"" + Realm + "\""; } filterContext.ChallengeWith(challenge); }